Passwords are stored in a secure way. They’re only copied into plain text when pasted automatically into a password reminder mail. https://twitter.com/UKTesco/status/229542141012107265
Looking at this tweet it looks like passwords are just being stored in plain text? Surely this is not a safe way to deal with password resets?
I know, I'm Dale Maily.
Comments
Paha, Asda's better.
No it is not, but every little helps.
Even to hackers :)
Daniel.
I just send out the database to the client on password resets. It's easier. Just look for yours. It's all in plain text anyway because who likes database entries that can't be read?
Hackers will still find ways.
Based on the fact that they're saying "Passwords are stored in a secure way" I assume that means they're encrypting the passwords, which means they can then decrypt them for the purpose of the "forgot your password?" email.
It's fine and good to encrypt all the other personal information, but encryption is not the recommended way to store passwords. Instead it's better to hash, and more importantly, to hash properly, which from what I've seen with some of the recent database leaks, not many people know how to do.
If you can convert encrypted text back to plain text, it's not secure.
Well if you provide the customer with a temporary password and have them change the password through your control panel/system, then the password would only be known to them and in an encrypted form.
This is stupid, and they should be firing someone over it. If a hacker can get to your customer database, they can get the script with your password key in it. This is much much less secure than hashing.
There should never be password reminder emails. Hell, there should never be sign-up emails that contain your password, for that matter.
Forgotten your email? Then we'll email you a link to visit, that'll allow you to change your password.
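The "hash properly" storage the comment above calls for, together with the emailed reset link proposed in place of a reminder mail, as an added example (not code from this thread, from Tesco or from any commenter): PBKDF2-HMAC-SHA256 with a per-user salt, and a single-use, expiring reset token of which only a hash is kept server-side. The in-memory store, iteration count, link lifetime and URL are constructed for the example.

```python
import hashlib
import hmac
import os
import secrets
import time

ITERATIONS = 600_000   # PBKDF2-HMAC-SHA256 work factor (assumed value for the example)
TOKEN_TTL = 15 * 60    # reset links expire after 15 minutes (assumed)

users = {}             # constructed in-memory store: email -> {"salt", "digest"}
reset_tokens = {}      # sha256(token) -> (email, expiry); the raw token is never stored

def hash_password(password: str, salt: bytes = b"") -> tuple:
    """Return (salt, digest). Only the digest is stored, so the password cannot be mailed back."""
    salt = salt or os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return salt, digest

def register(email: str, password: str) -> None:
    salt, digest = hash_password(password)
    users[email] = {"salt": salt, "digest": digest}

def verify_password(email: str, password: str) -> bool:
    rec = users.get(email)
    if rec is None:
        return False
    _, digest = hash_password(password, rec["salt"])
    return hmac.compare_digest(digest, rec["digest"])   # constant-time comparison

def issue_reset_link(email: str, now: float = 0.0):
    """Create a one-time reset token; only its hash is kept, the raw token goes in the mail."""
    if email not in users:
        return None
    token = secrets.token_urlsafe(32)
    token_hash = hashlib.sha256(token.encode()).hexdigest()
    reset_tokens[token_hash] = (email, (now or time.time()) + TOKEN_TTL)
    return "https://example.invalid/reset?token=" + token   # placeholder site URL

def redeem_reset(token: str, new_password: str, now: float = 0.0) -> bool:
    """Consume the token once; reject unknown or expired tokens, then set a new hashed password."""
    token_hash = hashlib.sha256(token.encode()).hexdigest()
    entry = reset_tokens.pop(token_hash, None)   # pop first: a token is usable once, valid or not
    if entry is None:
        return False
    email, expiry = entry
    if (now or time.time()) > expiry:
        return False
    register(email, new_password)
    return True
```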
Oh come on... an email with a generated password is fine. It's up to the user to change it. Let's not act like we're storing military secrets here.
They're not sending you an email with a generated password (which I agree is fine, but only if you're forcing the user to change that password immediately upon logging in). They're sending you an email with YOUR password, but claiming they still store your password securely. This means they're probably using symmetric-key encryption to store passwords, and there's a script or something on their site that's going to have a copy of their encryption key in it.
If someone explains a joke it isn't funny anymore :(
Anyway I wonder how that Tweet hasn't been deleted yet?
Looks like they are running outdated software and couldn't give a monkey's about security.
http://www.troyhunt.com/2012/07/lessons-in-website-security-anti.html
I know, I'm Dale Maily.